Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254181	7.8	危険	シスコシステムズ	-	Cisco ASA 5500 シリーズの IPv6 のNDプロトコル実装におけるサービス運用妨害 (DoS) 脆弱性	CWE-399 リソース管理の問題	CVE-2010-4670	2012-03-27 18:42	2011-01-7	Show	GitHub Exploit DB Packet Storm

254182	4.3	警告	Coppermine Photo Gallery	-	CPG におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4667	2012-03-27 18:42	2011-06-14	Show	GitHub Exploit DB Packet Storm

254183	10	危険	CMS Made Simple	-	CMSMS のNews モジュールにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-4663	2012-03-27 18:42	2011-06-8	Show	GitHub Exploit DB Packet Storm

254184	4.3	警告	Hastymail	-	Hastymail2 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4646	2012-03-27 18:42	2011-01-18	Show	GitHub Exploit DB Packet Storm

254185	10	危険	Novell	-	Novell GroupWise の IMAP サーバコンポーネンにおけるメモリ二重解放の脆弱性	CWE-399 リソース管理の問題	CVE-2010-4711	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

254186	4.3	警告	Yahoo!	-	YUI のメニューウィジェットにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4710	2012-03-27 18:42	2010-12-16	Show	GitHub Exploit DB Packet Storm

254187	7.5	危険	Joomla!	-	Joomla! における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4696	2012-03-27 18:42	2010-11-4	Show	GitHub Exploit DB Packet Storm

254188	4.3	警告	XWiki	-	XWiki Enterprise におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4642	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

254189	7.5	危険	XWiki	-	XWiki Enterprise における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4641	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

254190	4.3	警告	XWiki	-	XWiki Watch におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4640	2012-03-27 18:42	2010-12-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
561	-		-	-	Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leveraged to exploit missing path sanitization during pl… New	CWE-22 Path Traversal	CVE-2026-49246	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

562	8.8	HIGH Network	-	-	Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize… New	CWE-20 CWE-73 Improper Input Validation External Control of File Name or Path	CVE-2026-48720	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

563	7.5	HIGH Network	-	-	Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP … New	CWE-22 Path Traversal	CVE-2026-44017	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

564	5.3	MEDIUM Network	-	-	swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validatio… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-28898	2026-06-26 05:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

565	-		-	-	FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's __call method accepts an order_id parameter and fetches the associ… New	CWE-284 CWE-639 CWE-862 Improper Access Control Authorization Bypass Through User-Controlled Key Missing Authorization	CVE-2026-27708	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

566	7.5	HIGH Network	-	-	List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise() collects the values returned by the block into a heap buffer sized to the longer in… New	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-12844	2026-06-26 05:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

567	7.5	HIGH Network	-	-	An issue in the sqlo_natural_join_cond component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. New	CWE-89 SQL Injection	CVE-2025-61021	2026-06-26 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

568	7.5	HIGH Network	-	-	An issue in the sqlo_key_part_best component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. New	CWE-89 SQL Injection	CVE-2025-61019	2026-06-26 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

569	7.5	HIGH Network	-	-	The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration… New	CWE-306 Missing Authentication for Critical Function	CVE-2026-1840	2026-06-26 05:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

570	-		-	-	Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attac… New	CWE-125 Out-of-bounds Read	CVE-2026-12897	2026-06-26 05:16	2026-06-26	Show	GitHub Exploit DB Packet Storm